org.springframework.amqp:spring-amqp@2.2.21.RELEASE vulnerabilities
-
latest version
3.1.5
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
14 days ago
-
licenses detected
- [1.0.0.RELEASE,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.springframework.amqp:spring-amqp package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.springframework.amqp:spring-amqp is a package that provides support for using Spring and Java with AMQP 0.9.1, and in particular RabbitMQ. Affected versions of this package are vulnerable to Deserialization of Untrusted Data arriving in AMQP messages. By default, when no allowed list is provided, all classes can be deserialized. Note An application is vulnerable if all of these conditions are met:
How to fix Deserialization of Untrusted Data? Upgrade |
[1.0.0,2.4.17)
[3.0.0,3.0.10)
|